What is the proper organizational role of internal auditing A to serve as an independent objective assurance and consulting activity that adds value to operations?
Following the 2018 update of the Singapore Code of Corporate Governance, the Singapore Exchange Listing Ruleswere also amended that made it mandatory, effective 1 January 2019, for all issuers to “establish and maintain on an ongoing basis, an effective internal audit function that is adequately resourced and independent of the activities it audits. Show
Internal audit is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operational, financial, compliance and technological processes. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, internal control, and governance processes. According to the corporate governance framework, the “three lines of defense” model depicts a conceptual delineation of control levels: line controls, second-level monitoring controls and third-line independent assurance.” Internal audit function takes on the “Third Line role”, and it covers an undertaking of a systematic and risk-based audit of both the first and second lines of defense. Though the basic tenets of the primary role and responsibility of internal audit should always remain unchanged, the current IA trends is to move away from the traditional internal audit approach and journey toward control self-assessment, risk management and value creation.
Relationship Between Internal and External Audit Internal and external audit are complementary functions within the assurance framework that maintain clear boundaries and independence from each other. Both perform very different roles according to their respective international standards and report separately to the Board or Audit Committee. However, internal and external audit should maintain a constructive relationship that ensure appropriate and regular communication and the sharing of information that can be of benefit to the organizations they serve. Difference Between Internal and External Auditing External auditors generally provide assurance to shareholders and investors who need to rely on proper conduct of business activities and the production of reliable financial information. The main objective of an external audit are to determine the accuracy and completeness of client’s accounting records, whether the accounting records have been prepared in accordance with the applicable accounting standards, and whether client’s financial statements present its results and financial position fairly. Internal auditors provide an objective and independent assurance within the governance boundary i.e. reasonable assurance of the overall effectiveness of governance, risk management and internal controls (financial, compliance, operational and technological controls) in the organization to the board of directors, audit committee and senior management. Internal audit thus has a much broader remit covering both financial and non-financial business activities and controls at the strategic and operational levels within the organization. In Singapore, audited financial statements can only be signed off by a person who is registered or deemed to be registered in accordance with the Accountants Act (Chapter 2) as a public accountant, whereas there is no government regulation requiring that internal audit works are only be performed by a registered person under a specific legislation in the country. Listed below are some of the key qualifications recognised in the internal audit field in Singapore: (a) Certified Internal Auditor (CIA) (b) Chartered Accountant (CA) / Certified Practicing Accountant (CPA) (c) Association of Chartered Certified Accountants (ACCA) (d) Fellow Member of the Institute of Internal Auditors (FIIA) (e) Certification in Control Self-Assessment (CCSA) (f) Certified Financial Services Auditor (CFSA) (g) Certified Government Auditing Professional (CGAP) (h) Certification in Risk Management Assurance (CRMA) (i) Certified Fraud Examiner (CFE) (j) Certified Information Systems Auditor (CISA) Source: Internal Audit Disclosure Guide Interaction Between Internal and External Audit As a general principle, external auditors are able to use evidence and reports from the internal audit works to inform their understanding of the organisation and its control environment to help assess the risks of material misstatement. In Singapore, external auditors are permitted to use the works of internal auditors in accordance with the revised Singapore Standard on Auditing SSA 610 (Revised 2013). From the perspective of internal audit’s practices, Standard 2050 of the IIA Global International Standards for the Professional Practice of Internal Auditing (International Standards) states the following: “The chief audit executive should share information, coordinate activities and consider relying upon the work of other internal and external assurance and consulting service providers to ensure proper coverage and minimize duplicate of efforts”. International Standards for the Professional Practice of Internal Auditing Internal auditing is conducted in diverse legal and cultural environments; for organizations that vary in purpose, size, complexity, and structure; and by persons within or outside the organization. While differences may affect the practice of internal auditing in each environment, conformance with The IIA’s International Standards for the Professional Practice of Internal Auditing (Standards) is essential in meeting the responsibilities of internal auditors and the internal audit activity. The International Professional Practices Framework (IPPF) is the conceptual framework that organizes authoritative guidance promulgated by The Institute of Internal Auditors (IIA). A trustworthy, global, guidance-setting body, The IIA provides internal audit professionals worldwide with authoritative guidance organized in the IPPF as mandatory guidance and recommended guidance. Together with the Code of Ethics, the Standards encompass all mandatory elements of the International Professional Practices Framework; therefore, conformance with the Code of Ethics and the Standards demonstrates conformance with all mandatory elements of the International Professional Practices Framework. For more details, read Professional Guidance. SGX RegCo has published a Regulator’s Columnto provide guidance on its expectations of the IA function of listed issuers based on the Institute of Internal Auditors (IIA) ‘s Three Lines Model: 1) a Governing Body which retains accountability to stakeholders, sets strategic directions and maintains oversight from regular reporting to ensure that governance, risk management and internal control processes are effective; 2) a Management which maintains the appropriate internal structure for governance and process to manage operational and compliance risks, in support of the delivery of company’s objectives; and 3) an IA function, being the third line role, which is accountable to the Board and provides assurance that the company’s governance structures and risk management procedures continue to be effective and adequate. The IIA has also provided authoritative guidance for IA professionals worldwide via the International Professional Practices Framework (“IPPF”). The 10 Core Principles of the IIA’s IPPF are as follows:
As mentioned in the Regulator’s Column, SGX Listing Rule 719(3) and Practice Guidance 10 of the CG Code echo Principles 2, 3 and 5 of the IPPF. SGX RegCo will continue to provide guidance and work closely with IIA Singapore, an affiliate of the the global IIA, and the only professional body dedicated to the advancement and development of the internal audit profession in Singapore. The focus of this collaboration will be on enhancing the state of internal audit for listed companies in Singapore. Copyright 2022. Mckell Risk Management Pte. Ltd. All rights reserved. What is the proper organizational role of internal auditing?The internal audit activity helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.”
What is the proper organizational role of internal auditing quizlet?The proper organizational role of internal auditing is to: Assist the external auditor in order to reduce external audit fees. Perform studies to assist in the attainment of more efficient operations. Serve as an independent, objective assurance and consulting activity that adds value to operations.
What are the duties of the internal audit Department in terms of independence and objectivity?Independence & Objectivity
Objectivity requires that internal auditors do not subordinate their judgment on audit matters to others. (Source: The IIA). All internal auditors need to remain independent from University functions and decision-making in order to support their objective state of mind in their work.
Why is it important for the internal audit function to be independent from the functions that it audits?It provides independent assurance that an organization risk management, governance, and internal control process are operating effectively. Internal auditor looks discrepancies between operational process and the processes are designed to do.
|